Package Release Info

pdns-4.1.2-bp150.2.3.1

Update Info: openSUSE-2018-1571
Available in Package Hub : 15 Update

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

pdns
pdns-backend-geoip
pdns-backend-godbc
pdns-backend-ldap
pdns-backend-lua
pdns-backend-mydns
pdns-backend-mysql
pdns-backend-postgresql
pdns-backend-remote
pdns-backend-sqlite3

Change Logs

* Tue Nov 06 2018 adam.majer@suse.de
- CVE-2018-10851-auth-4.1.4.patch: fixes DoS via crafted zone record
  (bnc#1114157, CVE-2018-10851)
- CVE-2018-14626-auth-4.1.4.patch: fixes an issue allowing a
  remote user to craft a DNS query that will cause an answer without
  DNSSEC records to be inserted into the packet cache and be
  returned to clients asking for DNSSEC records, thus hiding
  the presence of DNSSEC signatures leading to a potential DoS
  (bsc#1114169, CVE-2018-14626)
Version: 4.1.2-bp150.1.1
* Fri May 11 2018 kbabioch@suse.com
- Update to 4.1.2
  - Improvements
  * API: increase serial after dnssec related updates
  * Auth: lower ?packet too short? loglevel
  * Make check-zone error on rows that have content but shouldn?t
  * Auth: avoid an isane amount of new backend connections during an axfr
  * Report unparseable data in stoul invalid_argument exception
  * Backport: recheck serial when axfr is done
  * Backport: add tcp support for alias
  - Bug Fixes
  * Auth: allocate new statements after reconnecting to postgresql
  * Auth-bindbackend: only compare ips in ismaster() (Kees Monshouwer)
  * Rather than crash, sheepishly report no file/linenum
  * Document undocumented config vars
  * Backport #6276 (auth 4.1.x): prevent cname + other data with dnsupdate
  - misc
  * Move includes around to avoid boost L conflict
  * Backport: update edns option code list
  * Auth: link dnspcap2protobuf against librt when needed
  * Fix a warning on botan >= 2.5.0
  * Auth 4.1.x: unbreak build
  * Dnsreplay: bail out on a too small outgoing buffer (CVE-2018-1046 bsc#1092540)
* Mon Apr 23 2018 mrueckert@suse.de
- add patch for upstream issue #6228
  https://patch-diff.githubusercontent.com/raw/PowerDNS/pdns/pull/6370.patch
* Fri Apr 13 2018 adam.majer@suse.de
- geoip not available on SLE15 but protobuf support is available.
* Fri Feb 16 2018 michael@stroeder.com
- Update to version 4.1.1:
  bug-fix only release, with fixes to the LDAP and MySQL backends,
  the pdnsutil tool, and PDNS internals
* Thu Nov 30 2017 adam.majer@suse.de
- Update to version 4.1.0:
  + Recursor passthrough removal. Migration plans for users of
    recursor passthrough are in documentation and available at,
    https://doc.powerdns.com/authoritative/guides/recursion.html
  + Improved performance: 4x speedup in some scenarios
  + Crypto API: DNSSEC fully configurable via RESTful API
  + Database: enhanced reconnection logic solving problems
    associated with idle disonnection from database servers.
  + Documentation improvements
  + Support for TCP Fast Open
  + Removed deprecated SOA-EDIT values: INCEPTION and INCEPTION-WEEK
- pkgconfig(krb5) is now always required for building LDAP backend
- pdns-4.0.4_mysql-schema-mariadb.patch: removed, upstreamed
* Mon Nov 27 2017 mrueckert@suse.de
- package schema files in ldap subpackage
* Mon Nov 27 2017 adam.majer@suse.de
- Update to version 4.0.5:
  + fixes CVE-2017-15091: Missing check on API operations
  + Bindbackend: do not corrupt data supplied by other backends in
    getAllDomains
  + For create-slave-zone, actually add all slaves, and not only
    first n times
  + Check return value for all getTSIGKey calls.
  + Publish inactive KSK/CSK as CDNSKEY/CDS
  + Treat requestor?s payload size lower than 512 as equal to 512
  + Correctly purge entries from the caches after a transfer
  + LuaWrapper: Allow embedded NULs in strings received from Lua
  + Stubresolver: Use only recursor setting if given
  + mydnsbackend: Add getAllDomains
  + LuaJIT 2.1: Lua fallback functionality no longer uses Lua namespace
  + gpgsql: make statement names actually unique
  + API: prevent sending nameservers list and zone-level NS in rrsets
* Tue Oct 31 2017 jengelh@inai.de
- Ensure descriptions are neutral. Remove ineffective --with-pic.
- Do not ignore errors from useradd.
- Trim idempotent %if..%endif around %package.
* Thu Oct 19 2017 adam.majer@suse.de
- Added pdns.keyring linked from https://dnsdist.org/install.html
* Fri Sep 29 2017 vcizek@suse.com
- Don't BuildRequire Botan 1.x which will be dropped (bsc#1055322)
  * upstream support for Botan was dropped in favor of OpenSSL, see
  https://blog.powerdns.com/2016/07/11/powerdns-authoritative-server-4-0-0-released
* Sun Jul 30 2017 wr@rosenauer.org
- This makes the schema fit storage requirements of various
  mysql/mariadb versions. pdns-4.0.4_mysql-schema-mariadb.patch
- preset uid and gid in configuration
* Fri Jun 23 2017 michael@stroeder.com
- fixed use of pdns_protobuf
* Fri Jun 23 2017 michael@stroeder.com
- fixed use of pdns_protobuf
* Fri Mar 31 2017 mrueckert@suse.de
- added pdns-4.0.3_allow_dacoverride_in_capset.patch:
  Adding CAP_DAC_OVERRIDE to fix startup problems with sqlite3
  backend
* Thu Feb 02 2017 adam.majer@suse.de
- use individual libboost-*-devel packages instead of boost-devel
* Tue Jan 17 2017 michael@stroeder.com
- update to 4.0.3 which obsoletes b854d9f.diff
* Fri Jan 13 2017 adam.majer@suse.de
- b854d9f.diff: revert upstream change that caused a regression
  with multiple-backends
* Fri Jan 13 2017 adam.majer@suse.de
- b854d9f.diff: revert upstream change that caused a regression
  with multiple-backends
* Mon Dec 12 2016 dimstar@opensuse.org
- BuildRequire pkgconfig(libsystemd) instead of
  pkgconfig(libsystemd-daemon): these libs were merged in systemd
  209 times. The build system is capable of finding either one.
* Sat Jul 30 2016 michael@stroeder.com
- update to 4.0.1
  Bug fixes
  - #4126 Wait for the connection to the carbon server to be established
  - #4206 Don't try to deallocate empty PG statements
  - #4245 Send the correct response when queried for an NSEC directly (Kees Monshouwer)
  - #4252 Don't include bind files if length <= 2 or > sizeof(filename)
  - #4255 Catch runtime_error when parsing a broken MNAME
  Improvements
  - #4044 Make DNSPacket return a ComboAddress for local and remote (Aki Tuomi)
  - #4056 OpenSSL 1.1.0 support (Christian Hofstaedtler)
  - #4169 Fix typos in a logmessage and exception (Christian Hofsteadtler)
  - #4183 pdnsutil: Remove checking of ctime and always diff the changes (Hannu Ylitalo)
  - #4192 dnsreplay: Only add Client Subnet stamp when asked
  - #4250 Use toLogString() for ringAccount (Kees Monshouwer)
  Additions
  - #4133 Add limits to the size of received {A,I}XFR (CVE-2016-6172)
  - #4142 Add used filedescriptor statistic (Kees Monshouwer)